I don’t know if there is something that can be done.
But you come here complaining about a Google feature. This is like you going to a Mercedes garage complaining about a trouble you have in your BMW. What’s the sense?
That’s how it works.
If the excuse is the “Kids can install VPN” well, the kids parents have to care and set up computer account for them with no admin rights, then they have to use group policies to restrict or allow access to features like Tor and VPN extensions and all that, just like enterprises do.
I mean, I remember a family member installing uBlock and then getting a message from IT saying how “you are installing many extensions so we will restrict you from doing so” so that’s kind of like the power parents could get if they wanted to, so many ways to restrict access to things by just ‘admin rights’, because you don’t even need admin rights to install or run a browser, but then, everything can be bypassed easily if anyone wants to, unless you set passwords even on Bios so they are not even able to load like a live Linux distro in a USB or something.
You can’t relay on extensions to block the installation of extensions, I mean, Chrome Extension Store can be bypassed so easily, I don’t even need to go to install my extensions, plus anyone can install them through Github and all that, or what about using Opera or something that has a ‘vpn’ built-in?
You need to go deeper than "I want extensions to work in Chrome web Store, because anyone with a brain can figure out how to bypass that.
I mean, even using Modem/Router features or DNS or something can be better than using an extension to try to stop extensions’ installations.
There are certain privileged pages on a browser. On chrome/firefox/brave and every single other browser about://newtab is a privileged page along with the web store page.
Even any firefox extension will not work on firefox add-on store. Try it out on your end, you get the same result as chrome web store. For eg., Try Dark Reader extension available on both stores, go to the web stores, then go to dark reader settings, it will say ‘Disabled for current website’.
It is to prevent extensions from doing anything malicious.
The internet filter should be certificate based, DNS level. If it is you can just block the domain, hostname, DNS of the chrome web store. Then the kid cannot any extension from the web store no matter what.